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The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 
All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . ^ This communication is responsive to 08/31/06 . 

2. S The allowed claim(s) is/are 27-47 . 

3. □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a) □ AM b)DSome* c) □ None of the: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. . 

3. □ Copies of the certified copies of the priority documents have been received in this national stage application from the 

International Bureau (PCT Rule 17.2(a)). 
* Certified copies not received: . 

Applicant has THREE MONTHS FROM THE "MAILING DATE" of this communication to file a reply complying with the requirements 
noted below. Failure to timely comply will result in ABANDONMENT of this application. 
THIS THREE-MONTH PERIOD IS NOT EXTENDABLE. 

4. □ A SUBSTITUTE OATH OR DECLARATION must be submitted. Note the attached EXAMINER'S AMENDMENT or NOTICE OF 

INFORMAL PATENT APPLICATION (PTO-152) which gives reason(s) why the oath or declaration is deficient. 

5. □ CORRECTED DRAWINGS ( as "replacement sheets") must be submitted. 

(a) □ including changes required by the Notice of Draftsperson's Patent Drawing Review ( PTO-948) attached 

1) □ hereto or 2) □ to Paper No./Mail Date . 

(b) □ including changes required by the attached Examiner's Amendment / Comment or in the Office action of 

Paper No./Mail Date . 

Identifying indicia such as the application number (see 37 CFR 1.84(c)) should be written on the drawings in the front (not the back) of 
each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 
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EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1 .3 12. To ensure consideration of such an amendment, it MUST be submitted ho later than the 
payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview with 
William P. Wilbar on 10/26/06. 

The application has been amended as follows: 
Replace claim 27 with the claim below: 

27. A firewall device for inspecting packets transmitted over a network comprising: 

a) a firewall core connected to each of a plurality of communication interfaces and executing at 
least one inspection module wherein each at least one inspection module is software code 
configured to carry out an operation of providing protocol information for a particular protocol to 
said firewall core; and 

b) a new inspection module inserted into an operating memory of said firewall core during 
operation of said firewall core wherein said new inspection module is software code configured 
to carry out an operation of providing protocol inspection for a new particular protocol to said 
firewall core wherein said new particular protocol is different from each said particular protocol 
provided by each said at least one inspection module and wherein each said at least one 
inspection module and new inspection module are each further configured to indicate to said 
firewall core which protocol for data packets said inspection module is configured to provide 
inspection. 
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30. Cancel 

Replace claim 32 with the claim below: 

32. A firewall core in a firewall system that inspects data packets transmitted over a network 
comprising: 

a communication unit where said communication unit is operatively coupled to each one 
of a plurality of communication interfaces connected to said network; 

a set of callback functions, retrieved from each of at least one inspection modules loaded 
into a memory of said firewall core, each of said set of callback functions provide 
communication between said firewall core and one of said at least one inspection modules and 
wherein each said at least one inspection module is software code configured to carry out the 
operation of providing protocol information and to inspect data packets of a particular protocol; 

and wherein said firewall core monitors said memory to determine when a new 
inspection module is loaded into said memory wherein said in new inspection module is inserted 
into an operating memory of said firewall core during operation of said firewall core wherein 
said new inspection module is software code configured to carry out an operation of providing 
protocol inspection for a new particular protocol to said firewall core wherein said new particular 
protocol is different from each said particular protocol provided by each said at least one 
inspection module and wherein each said at least one inspection module and new inspection 
module are each further configured to indicate to said firewall core which protocol for data 
packets said inspection module is configured to provide inspection. 
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Replace claim 36 with the claim below: 

36. An inspection module in a memory of a firewall device comprising software code that 
inspects packets transmitted over a network in a particular protocol, said inspection module 
comprising: 

an inspection unit configured to inspect and authorize data packets formatted in a new 
particular protocol wherein said new particular protocol is different from each said particular 
protocol provided by other inspection modules in said memory; 

a function table including a set of callback functions wherein said set if callback functions 
provides communication between said firewall core and said inspection module; and 

wherein said inspection module is loaded into said memory monitored by said firewall 
core during operation of said firewall device and indicates to said firewall core said new 
particular protocol for data packets said inspection module is configured to provide inspection. 

Replace claim 39 with the claim below: 

39. A method for providing an inspection module for inspecting data packets of a particular 
protocol to a firewall system during runtime comprising: 

loading a new inspection module into a memory monitored by a firewall core during 
operation of said firewall system wherein said inspection module comprises software code for an 
application providing inspections of packets in a new particular protocol wherein said new 
particular protocol is different from each said particular protocol provided by other inspection 
modules in said memory; 
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communicating said set of callback functions from said inspection module to said firewall 

core; 

indicating to said firewall core which protocol for data packets said inspection module is 
configured to provide inspection. 

Replace claim 43 with the claim below: 

43. A program storage device readable by a machine, tangibly embodying a program of 
instructions executable by the machine to perform a method for adding protocol knowledge to a 
firewall system during runtime comprising, said firewall system including a firewall core, said 
method comprising: 

loading a new inspection module into a memory monitored by said firewall core during 
operation of said firewall system wherein said inspection module comprises software code 
executable to inspect a data packet of a new particular protocol wherein said new particular 
protocol is different from each said particular protocol provided by other inspection modules in 
said memory and indicates to said firewall core said new particular protocol for data packets said 
inspection module is configured to provide inspection notifying the firewall core said inspection 
module is loaded into said memory responsive to said loading; 

and communicating a set of callback functions from said inspection module to said 
firewall core. 
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Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Monday, October 30, 2006 
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